Legal claims defining the scope of protection, as filed with the USPTO.
1. A system for communicating between a first private network and a second private network, the system comprising: a first device in the first private network, having a first interface at which a first end of a tunnel is terminated, the first device being coupled to a first NAPT (Network Address Port Translation)-enabled device, and comprising a first address module and a first tunneling module that corresponds to a first local address within the second private network; a second device in the second private network, having a second interface at which a second end of the tunnel is terminated, the second device being coupled to a second NAPT-enabled device and comprising a second address module and a second tunneling module that corresponds to a second local address within the first private network; a server device, coupled to the first device and the second device, that provides information related to a location of the first device in the first private network and the second device in the second private network and facilitates NAPT penetration and the tunnel; and wherein the first address module enables the first tunneling module to communicate with the second device by penetrating the second NAPT-enabled device based on the second local address and the information received from the server device.
2. The system of claim 1 , wherein the first device is coupled to a first redirector that forwards data received from the first device to the first address module for communicating with the second device.
3. The system of claim 2 , wherein the first redirector intercepts data sent from the first device based on Internet Protocol standard.
4. The system of claim 2 , wherein the first redirector is coupled to a virtual DNS service module to retrieve the first local address, the virtual DNS server module associating the first local address with the second device.
5. The system of claim 1 , wherein the first address module determines whether the second device corresponds to the first local address of the first network.
6. The system of claim 1 , wherein the first address module assigns the first local address of the first private network to the second device.
7. The system of claim 1 , wherein the first local address is a private IP subnet address used by a local area network (LAN).
8. The system of claim 1 , wherein the first local address is a public IP address acquired by the first network for the second device.
9. The system of claim 1 , wherein the first NAPT-enabled device and the second NAPT-enabled device include routing devices and firewall.
10. The system of claim 1 , wherein the first tunneling module selectively penetrates the first NAPT-enabled device when the first device communicates with the second device.
11. The system of claim 1 , wherein the second tunneling module selectively enables penetration of the second NAPT-enabled device when the second device communicates with the first device.
12. The system of claim 1 , wherein the first tunneling module and the second tunneling module establish a communication channel to penetrate the first NAPT-enabled device and the second NAPT-enabled device.
13. The system of claim 1 , wherein the second address module modifies data received from the first device based on the first local address and the second local address.
14. The system of claim 13 , wherein the data received from the first device includes the information related to the addresses of the first device and the second device in the first network.
15. The system of claim 1 , wherein the server device assigns a first unique domain name to the first device and a second unique domain name to the second device.
16. The system of claim 1 , wherein the server device enables the first tunneling module and the second tunneling module to communicate the first device with the second device.
17. The system of claim 1 , wherein the server device authenticates the identity of the first device and the second device.
18. A private computing network, comprising: a first host device having a first private interface, coupled to a NAPT (Network Address Port Translation)-enabled device, that communicates with a second private interface on a second host device which is located outside of a private computer network containing the first host device, wherein the first host device comprises; an IP application module; an address module for assigning a first local IP address of the private computer network to the second host device; a redirector, coupled to the IP application module and the address module, for redirecting data received from the IP application module to the address module; and a tunneling module, coupled to the address module and a server device for establishing tunneling service, the tunneling module establishes a communication channel by penetrating the NAPT-enabled device.
19. The computing network of claim 18 , further comprising a virtual DNS service module, coupled to the first host device, for storing the first local IP address of the second host device.
20. The computing network of claim 18 , wherein the first host device is coupled to a device for assigning a domain name to the first host device.
21. The computing network of claim 18 , wherein the first host device and the second host device are coupled to a device for authenticating the identity of the first host device and the second host device.
22. The computing network of claim 18 , wherein the address module receives data from the second host device and modify the received data based on the first local IP address of the second host device.
23. The computing network of claim 18 , wherein the NAPT-enabled device includes a routing device.
24. The computing network of claim 18 , wherein the NAPT-enabled device includes a firewall.
25. The computing network of claim 18 , wherein the first host device is operative of peer-to-peer applications based on Internet Protocol.
26. The computing network of claim 18 , wherein the first host device is a computer.
27. The computing network of claim 18 , wherein the first host device is a mobile communication device.
28. A method for tunneling between a first private interface on a sender host and a second private interface on a recipient host, the sender and recipient hosts residing in different private networks, the method comprising: intercepting data between the sender host and the recipient host; associating the data with the recipient host based at least partially on a first IP address stored within the sender host, the first IP address being a local private IP address of the recipient host; and transmitting the data through the tunnel between the sender host and the recipient host, the tunnel penetrating at least one NAPT (Network Address Port Translation)-enabled device coupled between the sender and recipient hosts.
29. The method of claim 28 , further comprising the steps of: creating a signature of the sender host; and authenticating the identity of the sender by host by the recipient host based on the signature.
30. A method to securely communicate between a sender host and a recipient host, the sender host and the recipient host being coupled to at least one NAPT (Network Address Port Translation)-enabled device, the method comprising: establishing a communication channel between the sender host and the recipient host, the sender host and the recipient host being located in different private computing networks; establishing a tunnel through the at least one NAPT-enabled device by penetrating a first NAPT-enabled device within the at least one NAPT-enable device, the tunnel terminating at a first private interface on the sender host and a second private interface on the recipient host; receiving data from the sender host; modifying at least a portion of the data based on a first local address assigned to the sender host by a computing network where the recipient is located; and forwarding the modified data to the recipient host.
31. A computing device operative within a private computing network, coupled to a NAPT (Network Address Port Translation)-enabled device and a tunneling service device, comprising: an application module for operating an IP-based application to communicate with a receiving device which is operative outside the private computing network; a redirection module coupled to the application module, for intercepting a data packet sent from the application module to the receiving device, and for redirecting the data packet to a communication channel to penetrate the NAPT-enabled device based on a local IP address assigned by the private computing network for the receiving device; and wherein the tunneling service device participates in establishing the communication channel by facilitating the computing device to penetrate a NAPT-enabled device.
32. A computing device of claim 31 , wherein the redirection module is coupled to a tunneling module, the tunneling module coupled to the tunneling service device for establishing tunneling service and selectively penetrating the NAPT-enabled device.
Unknown
October 27, 2009
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.